Choice of TLS ciphersuite

Thomas Otto t.otto at
Sat Mar 18 10:41:38 CET 2006

Hi all! I'd like to do some EAP method performance measurements 
with wpa_supplicant and freeradius. 

In the ClientHello, the supplicant sends a list of ciphersuites,
with the most preferred on top, it begins with

Cipher Suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA (0x0039)
Cipher Suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA (0x0038)
Cipher Suite: TLS_RSA_WITH_AES_256_CBC_SHA (0x0035)
Cipher Suite: TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA (0x0016)
Cipher Suite: TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA (0x0013)
Cipher Suite: TLS_RSA_WITH_3DES_EDE_CBC_SHA (0x000a)

The freeradius Server, however, always selects 0x0035. 

Where can I modify on freeradius side the choice?


More information about the Freeradius-Devel mailing list